Overview
Since mid-October 2014, a phishing campaign has targeted a wide variety of recipients while employing the Dyre/Dyreza banking malware. Elements of this phishing campaign vary from target to target including senders, attachments, exploits, themes, and payload(s).[1][2] Although this campaign uses various tactics, the actor’s intent is to entice recipients into opening attachments and downloading malware.

The Sandworm vulnerability is being actively abused to attack Swiss banking customers, Danish security consultancy CSIS has warned.
CSIS reports that the attacks are pushing the latest version of the Dyre banking Trojan.

Dyre crackdown, the biggest effort to date by Russian authorities against cybercrime

Russian law enforcement and intelligence agencies in November raided offices of a Russian film distribution and production company as part of an operation against one of the world’s most notorious cybercrime ring.

The authorities were supported by the experts at Kaspersky Lab who confirmed the involvement and announced it would reveal details about the operation at its annual conference.